登录后更精彩...O(∩_∩)O...
您需要 登录 才可以下载或查看,没有账号?立即注册
×
安全助手分析 -- 隐藏的瑞士军刀
很多公司内部的一条黑龙,如果被利用后果不堪设想。
目录: 1. QQ运行监控软件 2. 获取设备指纹(可单独运行) 3. 获取设备指纹(可单独运行) 4. 上传文件客户端(可单独运行): 5. Hook 调用dll的公共方法: 6. MiniFTClient.exe 7. 防泄漏控制台 8. 压缩软件 9. 请求协助/申请控制/文件传输 10. 获取杀毒软件信息 11. 敏感自查 12. 查询信息 13. 下载上传功能 .... ==============================
1. QQ运行监控软件: C:\Windows\LVUAAgentInstBaseRoot\32\AntiMHT.exe 2. 获取设备指纹(可单独运行): C:\Windows\LVUAAgentInstBaseRoot\32\Vienna.exe CPUID Len20, Content[BFEBFBFFGenuineIntel] HGetCPUIDret 0, buf[BFEBFBFFGenuineIntel] 获取硬盘序列号 Trying toread the drive IDs using physical access with admin rights
Trying toread the drive IDs using the SCSI back door
Trying toread the drive IDs using physical access with zero rights ([00][00][00][8C][01][00][00][00][00][00][01][00][00][00][00]9[00][00][00]z[00][00][00][8B][00][00][00][11][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00]UMISRPJTJ256MEE1OWX[00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00]2.0Q0628[00][00][00][00][00][00][00][00][00]044A_5000_81B0_00CD.[00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00] Offset:139 044A_5000_81B0_00CD.
Mark 1for drive 0 **** Vendor Id= ( ProductId = UMIS RPJTJ256MEE1OWX ProductRevision = 2.0Q0628 SerialNumber = 044A_5000_81B0_00CD.
DeviceIOControlIOCTL_STORAGE_GET_MEDIA_SERIAL_NUMBER error = The request is not valid for thisdevice.
([00][00][00][8C][01][00][00][00][00][00][01][00][00][00][00]([00][00][00]Q[00][00][00]Z[00][00][00][0B][00][00][00][00][00][00][00][00][00][00][00]TOSHIBADT01ACA200 LENOVO[00]MX4OAD10[00] 80Q8713AS[00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00] Offset:90 80Q8713AS
Mark 1for drive 1 **** Vendor Id= ( ProductId = TOSHIBA DT01ACA200 LENOVO ProductRevision = MX4OAD10 SerialNumber = 80Q8713AS
DeviceIOControlIOCTL_STORAGE_GET_MEDIA_SERIAL_NUMBER error = The request is not valid for thisdevice.
V HardDrive Serial Number__________: 044A_5000_81B0_00CD.
V HardDrive Model Number___________: UMIS RPJTJ256MEE1OWX HGetHardiskIDret 0, buf[044A_5000_81B0_00CD.] Total Len256[Are you atiger?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXBFEBFBFFGenuineIntelXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX044A_5000_81B0_00CD.XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX] End UUIDLen 26[EAWL9MVKPJ8KT4AUJQMMG2RB92] HGetComputerIDLen 26 [EAWL9MVKPJ8KT4AUJQMMG2RB92]
Trying toread the drive IDs using physical access with admin rights
Trying toread the drive IDs using the SCSI back door
Trying toread the drive IDs using physical access with zero rights ([00][00][00][8C][01][00][00][00][00][00][01][00][00][00][00]9[00][00][00]z[00][00][00][8B][00][00][00][11][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00]UMISRPJTJ256MEE1OWX[00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00]2.0Q0628[00][00][00][00][00][00][00][00][00]044A_5000_81B0_00CD.[00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00] Offset:139 044A_5000_81B0_00CD.
Mark 1for drive 0 **** Vendor Id= ( ProductId = UMIS RPJTJ256MEE1OWX ProductRevision = 2.0Q0628 SerialNumber = 044A_5000_81B0_00CD.
DeviceIOControlIOCTL_STORAGE_GET_MEDIA_SERIAL_NUMBER error = The request is not valid for thisdevice.
([00][00][00][8C][01][00][00][00][00][00][01][00][00][00][00]([00][00][00]Q[00][00][00]Z[00][00][00][0B][00][00][00][00][00][00][00][00][00][00][00]TOSHIBADT01ACA200 LENOVO[00]MX4OAD10[00] 80Q8713AS[00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00][00] Offset:90 80Q8713AS
Mark 1for drive 1 **** Vendor Id= ( ProductId = TOSHIBA DT01ACA200 LENOVO ProductRevision = MX4OAD10 SerialNumber = 80Q8713AS
DeviceIOControlIOCTL_STORAGE_GET_MEDIA_SERIAL_NUMBER error = The request is not valid for thisdevice.
V HardDrive Serial Number__________: 044A_5000_81B0_00CD.^$^ 80Q8713AS^$^
V HardDrive Model Number___________: UMIS RPJTJ256MEE1OWX^$^TOSHIBA DT01ACA200 LENOVO^$^ [UMISRPJTJ256MEE1OWX][044A_5000_81B0_00CD.] [TOSHIBA DT01ACA200 LENOVO][80Q8713AS]
3. 获取设备指纹(可单独运行): C:\Windows\LVUAAgentInstBaseRoot\32\PrettySkirt.exe =================================== Pleaseinput the index of cmd(0-N, q for quit): 0: get file version2 info 1: get file md5 2: getfile crc 3: set file lowpriv 4: get file signed info 5: create everyone dir 6: get disk sn 7: get string md5 8: real->fake 9: fake->real 10: read disk sector 11: process:list all basic 12: process:list all and dll 13: process:list one dll 14: process:find one dll 15: process:remote_inject_dll 16: get file version info 17: create file with no content 18: get domain info 20: get domain info loop 21: converse file content 22: file: long to short 23: file: short to long 24: suspend thread 25: resume thread 26: QueueUserAPC 27: File log on 28: File log off 29: check manifest 30: update manifest 31: get nic info 32: get file version info 33: enum desktops 34: get desktop info by thread id 35: write rand file 36: read rand file 37: while insert vozo dll to qq 38: cmd pid:insert vozo dll to pid 39: [cpu core] use cpu 40: [MB] use memory 41: udp test 42: agent eou port test 43: get hw nic info 44: agent eou port test internal 45: write LVASDInstallResult.xml false 46: write LVASDInstallResult.xml true 47: get monitor info 48: get disk info
47 你有 1 个显示器 品牌名称:Lenovo 型号:LEN65C7LEN LI2364 序列号:FU510M6ZF 分辨率:1920* 1080 屏幕宽:51 厘米 屏幕高:29 厘米 屏幕对角线:23 英寸 生产时间:2020 年第 42 周
48 类型: SCSI 型号: UMISRPJTJ256MEE1OWX 硬盘ID:40A45_00_0180B0_C0.D 大小:256060514304(238GB)
类型: SCSI 型号: TOSHIBADT01ACA200 LENOVO 硬盘ID: 8Q07831SA 大小:2000398934016(1863GB)
4. 上传文件客户端(可单独运行): C:\Windows\LVUAAgentInstBaseRoot\32\MiniFTClient.exe 5. Hook 调用dll的公共方法: C:\Windows\LVUAAgentInstBaseRoot\32\ SetGlobalVar.exe 6. MiniFTClient.exe
Usage: C:\Windows\LVUAAgentInstBaseRoot\32\MiniFTClient.exe serveripusername password uploadfile(absolute path) ExitCode: -1.uploadfile wrong,check it -2.networkwrong,check serverip -3.username is notexist -4.username orpassword is wrong -5.filename is existin server -6.user is alreadylogging,try again will be fine -7.browse serverfile failed.check log -8.upload filefailed.check log -9.parameter numwrong 0.upload ok Thrift: Thu Jan07 15:57:00 2021 TSocket:  pen() timed out <Host: 10.10.3.52 Port: 10000>
7. 防泄漏控制台:C:\Windows\LVUAAgentInstBaseRoot\system32\PoriaConsole.exe 8. 压缩软件:C:\Windows\LVUAAgentInstBaseRoot\7z.exe 9. 请求协助/申请控制/文件传输:C:\Windows\LVUAAgentInstBaseRoot\AugustIsNotEnd.exe 10. 获取杀毒软件信息:C:\Windows\LVUAAgentInstBaseRoot\AutoGetAVInfo.exe 11. 敏感自查:C:\Windows\LVUAAgentInstBaseRoot\CmSelfCheck.exe 12. 查询信息 C:\Users\x>C:\Windows\LVUAAgentInstBaseRoot\devcon64.exehelp DeviceConsole Help: devcon64.exe[-r] [-m:\\<machine>] <command> [<arg>...] -r Reboots the system only when arestart or reboot is required. <machine> Specifies a remote computer. <command> Specifies a Devcon command (see commandlist below). <arg>... One or more arguments that modify acommand. For helpwith a specific command, type: devcon64.exe help <command> classfilter Add, delete, and reorder classfilters.
classes List all device setup classes.
disable Disable devices.
driverfiles List installed driver files fordevices.
drivernodes List driver nodes of devices.
enable Enable devices.
find Find devices.
findall Find devices, including thosethat are not currently attached.
help Display Devcon help.
hwids List hardware IDs of devices.
install Install a device manually.
listclass List all devices in a setup class.
reboot Reboot the local computer.
remove Remove devices.
rescan Scan for new hardware.
resources List hardware resources fordevices.
restart Restart devices.
sethwid Modify Hardware ID's of listedroot-enumerated devices.
stack List expected driver stack fordevices.
status List running status of devices.
update Update a device manually.
updateni Manually update a device (noninteractive).
dp_add Adds (installs) a third-party(OEM) driver package.
dp_delete Deletes a third-party (OEM) driverpackage.
dp_enum Lists thethird-party (OEM) driver packages installed on this machine.
13. 下载: C:\Users\abc>C:\Windows\LVUAAgentInstBaseRoot\FileDownloader.execurl --help Usage:curl [options...] <url> Options  H) means HTTP/HTTPS only, (F) means FTP only -a/--append Append to target file when uploading(F) -A/--user-agent <string> User-Agent tosend to server (H) --anyauth Pick"any" authentication method (H) -b/--cookie <name=string/file> Cookiestring or file to read cookies from (H) --basic Use HTTP Basic Authentication (H) -B/--use-ascii Use ASCII/text transfer -c/--cookie-jar <file> Write cookies tothis file after operation (H) -C/--continue-at <offset> Resumedtransfer offset -d/--data <data> HTTP POST data (H) --data-ascii <data> HTTP POST ASCII data (H) --data-binary <data> HTTP POST binarydata (H) --negotiate Use HTTP NegotiateAuthentication (H) --digest Use HTTP Digest Authentication (H) --disable-eprt Inhibit using EPRT or LPRT (F) --disable-epsv Inhibit using EPSV (F) -D/--dump-header <file> Write theheaders to this file --egd-file <file> EGD socket path forrandom data (SSL) --tcp-nodelay Use the TCP_NODELAY option -e/--referer Referer URL (H) -E/--cert <cert[:passwd]> Clientcertificate file and password (SSL) --cert-type <type> Certificate filetype (DER/PEM/ENG) (SSL) --key <key> Private key file name (SSL/SSH) --key-type <type> Private key filetype (DER/PEM/ENG) (SSL) --pass <pass> Pass phrase for theprivate key (SSL/SSH) --pubkey <key> Public key file name (SSH) --engine <eng> Crypto engine to use (SSL). "--enginelist" for list --cacert <file> CA certificate toverify peer against (SSL) --capath <directory> CA directory(made using c_rehash) to verify peer against (SSL) --ciphers <list> SSL ciphers to use(SSL) --compressed Request compressed response (using deflateor gzip) --connect-timeout <seconds> Maximumtime allowed for connection --create-dirs Create necessary local directory hierarchy --crlf Convert LF to CRLF in upload -f/--fail Fail silently (no output at all) onHTTP errors (H) --ftp-account <data> Account data tosend when requested by server (F) --ftp-alternative-to-user String to replace"USER [name]" (F) --ftp-create-dirs Create the remote dirs ifnot present (F) --ftp-method [multicwd/nocwd/singlecwd]Control CWD usage (F) --ftp-pasv Use PASV/EPSV instead of PORT (F) --ftp-skip-pasv-ip Skip the IP address forPASV (F) --ftp-ssl Try SSL/TLS for ftp transfer (F) --ftp-ssl-control Require SSL/TLS for ftplogin, clear for transfer (F) --ftp-ssl-reqd Require SSL/TLS for ftp transfer (F) --ftp-ssl-ccc Send CCC after authenticating (F) --ftp-ssl-ccc-mode [active/passive] Set CCCmode (F) -F/--form <name=content> Specify HTTPmultipart POST data (H) --form-string <name=string> SpecifyHTTP multipart POST data (H) -g/--globoff Disable URL sequences and ranges using{} and [] -G/--get Send the -d data with a HTTP GET (H) -h/--help This help text -H/--header <line> Custom header to passto server (H) --ignore-content-length Ignore the HTTP Content-Length header -i/--include Include protocol headers in the output(H/F) -I/--head Show document info only -j/--junk-session-cookies Ignore sessioncookies read from file (H) --interface <interface> Specifynetwork interface/address to use --krb <level> Enable kerberos with specified securitylevel (F) -k/--insecure Allow connections to SSL sites withoutcerts (H) -K/--config Specify which config file to read --libcurl <file> Dump libcurlequivalent code of this command line -l/--list-only List only names of an FTP directory (F) --limit-rate <rate> Limit transferspeed to this rate --local-port <num>[-num] Force use ofthese local port numbers
-L/--location Follow Location: hints (H) --location-trusted Follow Location: and sendauthentication even to other hostnames (H) -m/--max-time <seconds> Maximum timeallowed for the transfer --max-redirs <num> Maximum number ofredirects allowed (H) --max-filesize <bytes> Maximum filesize to download (H/F) -M/--manual Display the full manual -n/--netrc Must read .netrc for user name andpassword --netrc-optional Use either .netrc or URL;overrides -n --ntlm Use HTTP NTLM authentication (H) -N/--no-buffer Disable buffering of the output stream --no-sessionid Disable SSL session-ID reusing (SSL) -o/--output <file> Write output to<file> instead of stdout -O/--remote-name Write output to a file named as the remotefile -p/--proxytunnel Operate through a HTTP proxy tunnel (usingCONNECT) --proxy-anyauth Pick "any" proxyauthentication method (H) --proxy-basic Use Basic authentication on the proxy (H) --proxy-digest Use Digest authentication on the proxy (H) --proxy-ntlm Use NTLM authentication on the proxy (H) -P/--ftp-port <address> Use PORT withaddress instead of PASV (F) -q If used as the first parameterdisables .curlrc -Q/--quote <cmd> Send command(s) to server before filetransfer (F/SFTP) -r/--range <range> Retrieve a byte rangefrom a HTTP/1.1 or FTP server --random-file <file> File for readingrandom data from (SSL) --raw Pass HTTP "raw", withoutany transfer decoding (H) -R/--remote-time Set the remote file's time on the localoutput --retry <num> Retry request <num> times if transientproblems occur --retry-delay <seconds> Whenretrying, wait this many seconds between each --retry-max-time <seconds> Retry onlywithin this period -s/--silent Silent mode. Don't output anything -S/--show-error Show error. With -s, make curl show errorswhen they occur --socks4 <host[:port]> Use SOCKS4proxy on given host + port --socks5 <host[:port]> Use SOCKS5proxy on given host + port --stderr <file> Where to redirectstderr. - means stdout -t/--telnet-option <OPT=val> Set telnetoption --trace <file> Write a debug trace to the given file --trace-ascii <file> Like --trace butwithout the hex output --trace-time Addtime stamps to trace/verbose output -T/--upload-file <file> Transfer<file> to remote site --url <URL> Set URL to work with -u/--user <user[:password]> Set serveruser and password -U/--proxy-user <user[:password]> Setproxy user and password -v/--verbose Make the operation more talkative -V/--version Show version number and quit -w/--write-out [format] What to output aftercompletion -x/--proxy <host[:port]> Use HTTP proxyon given port -X/--request <command> Specify requestcommand to use -y/--speed-time Time needed to trig speed-limit abort.Defaults to 30 -Y/--speed-limit Stop transfer if below speed-limit for'speed-time' secs -z/--time-cond <time> Transfer based ona time condition -0/--http1.0 Use HTTP 1.0 (H) -1/--tlsv1 Use TLSv1 (SSL) -2/--sslv2 Use SSLv2 (SSL) -3/--sslv3 Use SSLv3 (SSL) -4/--ipv4 Resolve name to IPv4 address -6/--ipv6 Resolve name to IPv6 address -#/--progress-bar Display transfer progress as a progress bar
C:\Users\x>C:\Windows\LVUAAgentInstBaseRoot\FileDownloader.execurl --manual _ _ ____ _ Project ___| | | | _ \| | / __| | | | |_) || | (__| |_| | _ <| |___ \___|\___/|_|\_\_____|
NAME curl - transfer a URL
SYNOPSIS curl [options] [URL...]
DESCRIPTION curl is a tool to transfer data fromor to a server, using one of the supported protocols (HTTP, HTTPS, FTP,FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE). The command is designed to work without user interaction.
curl offers a busload of useful trickslike proxy support, user authen鈥? tication, ftp upload, HTTP post, SSL connections,cookies, file trans鈥? fer resume and more. As you will seebelow, the amount of features will make your head spin!
curl is powered by libcurl for all transfer-related features. See libcurl(3) for details.
URL The URL syntax is protocol dependent.You鈥檒l find a detailed descrip鈥? tion in RFC 3986.
You can specify multiple URLs or parts of URLs by writing part sets within braces as in:
http://site.{one,two,three}.com
or you can get sequences of alphanumericseries by using [] as in:
No nesting of the sequences is supportedat the moment, but you can use several ones next to each other:
You can specify any amount of URLs on the command line. Theywill be fetched in a sequential manner in thespecified order.
Since curl 7.15.1 you can also specifystep counter for the ranges, so that you can get every Nth number orletter:
If you specify URL without protocol:// prefix, curl will attempt to guess what protocol you might want. It willthen default to HTTP but try other protocols based onoften-used host name prefixes. For exam鈥? ple, for host names starting with"ftp." curl will assume you want to speak FTP.
Curl will attempt to re-use connectionsfor multiple file transfers, so that getting many files from the sameserver will not do multiple con鈥? nects / handshakes.This improves speed. Of course this is only done on files specified on a single command lineand cannot be used between separate curl invokes.
PROGRESSMETER curl normally displays a progressmeter during operations, indicating amount of transfered data, transferspeeds and estimated time left etc. However, since curl displays data to the terminal by default, ifyou invoke curl to do an operation and it isabout to write data to the terminal, it disables the progress meter as otherwiseit would mess up the output mixing progress meter andresponse data.
If you want a progress meter for HTTPPOST or PUT requests, you need to redirect the response output to a file, using shell redirect(>), -o [file] or similar.
It is not the same case for FTP uploadas that operation is not spit鈥? ting out any response data to theterminal.
If you prefer a progress "bar"instead of the regular meter, -# is your friend. OPTIONS -a/--append (FTP) When used in an FTP upload,this will tell curl to append to the target file instead of overwriting it. If the file doesn鈥檛exist, it will be created.
If this option is used twice, thesecond one will disable append mode again.
-A/--user-agent <agent string> (HTTP) Specify the User-Agentstring to send to the HTTP server. Some badly done CGIs fail if itsnot set to "Mozilla/4.0". To encode blanks in the string, surround the string with single quote marks. This can also be set with the -H/--header option of course.
If this option is set more than once, the last one will be the one that鈥檚 used.
--anyauth (HTTP) Tells curl to figure outauthentication method by itself, and use the most secure one the remote siteclaims it supports. This is done by first doing arequest and checking the response- headers, thus inducing an extranetwork round-trip. This is used instead of setting a specificauthentication method, which you can do with --basic, --digest,--ntlm, and --negotiate.
Note that using --anyauth is not recommended if you do uploads from stdin, since it may requiredata to be sent twice and then the client must be able to rewind.If the need should arise when uploading from stdin, the uploadoperation will fail.
If this option is used severaltimes, the following occurrences make no difference.
-b/--cookie <name=data> (HTTP) Pass the data to the HTTP server as a cookie.It is sup鈥? posedly the data previously received from the server in a "Set- Cookie:" line. The data should be in the format "NAME1=VALUE1; NAME2=VALUE2".
If no 鈥?鈥?letter is used in the line, it is treated as a file鈥? name to useto read previously stored cookie lines from, which should be used in this session ifthey match. Using this method also activates the "cookie parser" which will make curl record incoming cookies too, which maybe handy if you鈥檙e using this in combination with the -L/--location option. Thefile format of the file to read cookies fromshould be plain HTTP headers or the Netscape/Mozilla cookie fileformat.
NOTE that the file specified with-b/--cookie is only used as input. No cookies will be storedin the file. To store cookies, use the -c/--cookie-jar option or you could even save the HTTP headers to a file using-D/--dump-header!
If this option is set more thanonce, the last one will be the one that鈥檚 used.
-B/--use-ascii Enable ASCII transfer when using FTP or LDAP. ForFTP, this can also be enforced by using an URLthat ends with ";type=A". This option causes data sent to stdout to be in text mode for win32 systems.
If this option is used twice, thesecond one will disable ASCII usage.
--basic (HTTP) Tells curl to use HTTP Basic authentication.This is the default and this option isusually pointless, unless you use it to override a previously set option that sets a different authentication method (such as --ntlm, --digest and --negoti鈥? ate).
If this option is used several times, thefollowing occurrences make no difference.
--ciphers <list of ciphers> (SSL) Specifies which ciphers touse in the connection. The list of ciphers must be using valid ciphers. Readup on SSL cipher list details on this URL:
NSS ciphers are done differently than OpenSSL and GnuTLS. The full list of NSS ciphers is inthe NSSCipherSuite entry at this
If this option is used several times, thelast one will override the others.
--compressed (HTTP) Request a compressedresponse using one of the algorithms libcurl supports, and return theuncompressed document. If this option is used and the server sends an unsupported encoding, Curl will report an error.
If this option is used severaltimes, each occurrence will tog鈥? gle it on/off.
--connect-timeout <seconds> Maximum time in seconds that you allow the connection to the server to take. This only limits the connection phase, once curl has connected this option is of no more use. See also the -m/--max-time option.
If this option is used severaltimes, the last one will be used.
-c/--cookie-jar <file name> Specify to which file you wantcurl to write all cookies after a completed operation. Curlwrites all cookies previously read from a specified file as well as all cookies received from remote server(s). If no cookiesare known, no file will be writ鈥? ten. The file will be written using the Netscape cookie file format. If you set the file nameto a single dash, "-", the cookies will be written tostdout.
NOTE If the cookie jar can鈥檛 be created or written to, the whole curl operation won鈥檛 fail or even report an error clearly. Using -v will get a warning displayed, but thatis the only visible feedback you get about thispossibly lethal situation.
If this option is used severaltimes, the last specified file name will be used.
-C/--continue-at <offset> Continue/Resume a previous file transfer at thegiven offset. The given offset is theexact number of bytes that will be skipped counted from the beginning of the source filebefore it is transferred to thedestination. If used with uploads, the ftp server command SIZE will notbe used by curl.
Use "-C -" to tell curl to automatically find out where/how to resume the transfer. It then usesthe given output/input files to figure that out.
If this option is used severaltimes, the last one will be used.
--create-dirs When used in conjunction with the-o option, curl will create the necessary local directory hierarchy as needed. This option creates the dirs mentioned withthe -o option, nothing else. If the -o file name uses no dir or if the dirs itmentions already exist, no dir will be created.
To create remote directories whenusing FTP or SFTP, try --ftp- create-dirs.
--crlf (FTP) Convert LF to CRLF inupload. Useful for MVS (OS/390).
If this option is used several times, thefollowing occurrences make no difference.
-d/--data <data> (HTTP) Sends the specified datain a POST request to the HTTP server, in away that can emulate as if a user has filled in a HTML form and pressed the submitbutton. Note that the data is sent exactly as specified with no extra processing (with all newlines cut off). The data is expected to be "url-encoded". This will cause curl to pass the data tothe server using the content-type application/x-www-form-urlencoded. Compare to -F/--form. If this option is used more than once on the same command line, the data piecesspecified will be merged together with a separating &-letter. Thus, using 鈥?dname=daniel -d skill=lousy鈥? would generate a post chunk that looks like 鈥檔ame=daniel&skill=lousy鈥?
If you start the data with the letter @,the rest should be a file name to read the data from,or - if you want curl to read the data from stdin. The contents of the filemust already be url-encoded. Multiple files canalso be specified. Posting data from a file named 鈥檉oobar鈥?would thus be done with --data @foo鈥? bar".
To post data purely binary, youshould instead use the --data- binary option.
-d/--data is the same as--data-ascii.
If this option is used several times, the ones following the first will append data.
--data-ascii <data> (HTTP) This is an alias for the-d/--data option.
If this option is used severaltimes, the ones following the first will append data.
--data-binary <data> (HTTP) This posts data in asimilar manner as --data-ascii does, although when using this optionthe entire context of the posted data is kept as-is. If you want to post abinary file without the strip-newlines feature of the--data-ascii option, this is for you.
If this option is used several times, the ones following the first will append data.
--digest (HTTP) Enables HTTP Digestauthentication. This is a authentica鈥? tion that prevents the passwordfrom being sent over the wire in clear text. Use this incombination with the normal -u/--user option to set user name andpassword. See also --ntlm, --negoti鈥? ate and --anyauth for relatedoptions.
If this option is used severaltimes, the following occurrences make no difference.
--disable-eprt (FTP) Tell curl to disable theuse of the EPRT and LPRT commands when doing active FTP transfers.Curl will normally always first attempt to use EPRT, then LPRT before using PORT, butwith this option, it will use PORT rightaway. EPRT and LPRT are exten鈥? sions to the original FTP protocol, may not work onall servers but enable more functionality ina better way than the tradi鈥? tional PORT command.
If this option is used several times, eachoccurrence will tog鈥? gle this on/off.
--disable-epsv (FTP) Tell curl to disable theuse of the EPSV command when doing passive FTP transfers. Curl will normally always first attempt to use EPSV before PASV,but with this option, it will not try using EPSV.
If this option is used several times, eachoccurrence will tog鈥? gle this on/off.
-D/--dump-header <file> Write the protocol headers to thespecified file.
This option is handy to use whenyou want to store the headers that a HTTP site sends to you. Cookiesfrom the headers could then be read in a second curlinvoke by using the -b/--cookie option! The -c/--cookie-jar option is howevera better way to store cookies.
When used on FTP, the ftp serverresponse lines are considered being "headers" andthus are saved there.
If this option is used severaltimes, the last one will be used.
-e/--referer <URL> (HTTP) Sends the "RefererPage" information to the HTTP server. This can also be set with the -H/--header flag ofcourse. When used with -L/--location you canappend ";auto" to the --referer URL to make curl automaticallyset the previous URL when it fol鈥? lows a Location: header. The";auto" string can be used alone, even if you don鈥檛 set an initial --referer.
If this option is used severaltimes, the last one will be used.
--engine <name> Select the OpenSSL crypto engineto use for cipher operations. Use --engine list to print a list of build-time supported engines. Note that not all(or none) of the engines may be available at run-time.
--environment (RISC OS ONLY) Sets a range of environmentvariables, using the names the -w option supports, toeasier allow extraction of use鈥? ful information after having run curl.
If this option is used several times, eachoccurrence will tog鈥? gle this on/off.
--egd-file <file> (SSL) Specify the path name to the Entropy Gathering Daemon socket. The socket is used to seed the random engine for SSL connections. See also the--random-file option.
-E/--cert <certificate[:password]> (SSL) Tells curl to use thespecified certificate file when get鈥? ting a filewith HTTPS or FTPS. The certificate must be in PEM format. If the optional password isn鈥檛 specified, it will be queried for on the terminal. Note that this option assumes a "certificate" file thatis the private key and the private cer鈥? tificate concatenated! See --cert and --key to specify them independently.
If curl is built against the NSSSSL library then this option tells curl the nickname of thecertificate to use within the NSS database defined by --cacert.
If this option is used severaltimes, the last one will be used.
--cert-type <type> (SSL) Tells curl what certificate type the providedcertificate is in. PEM, DER and ENG arerecognized types. If not specified, PEM is assumed.
If this option is used severaltimes, the last one will be used.
--cacert <CA certificate> (SSL) Tells curl to use thespecified certificate file to verify the peer. The file may contain multiple CA certificates. The certificate(s) must be in PEMformat.
curl recognizes the environmentvariable named 鈥機URL_CA_BUNDLE鈥? if that is set, and uses the given path as a path to a CA cert bundle. This option overridesthat variable.
The windows version of curl willautomatically look for a CA certs file named 麓curl-ca-bundle.crt麓, either in the samedirec鈥? tory as curl.exe, or in the Current Working Directory, or in any folder along your PATH.
If curl is built against the NSS SSLlibrary then this option tells curl the directory that the NSS certificate database resides in.
If this option is used severaltimes, the last one will be used.
--capath <CA certificatedirectory> (SSL) Tells curl to use thespecified certificate directory to verify the peer. The certificatesmust be in PEM format, and the directory must have been processedusing the c_rehash utility supplied with openssl. Using --capath can allow curl to make SSL-connections much moreefficiently than using --cacert if the --cacert file contains many CAcertificates.
If this option is used severaltimes, the last one will be used.
-f/--fail (HTTP) Fail silently (no outputat all) on server errors. This is mostly done like this to better enablescripts etc to better deal with failed attempts. Innormal cases when a HTTP server fails to deliver a document, itreturns an HTML document stating so (which often also describeswhy and more). This flag will prevent curl from outputting thatand return error 22.
This method is not fail-safe and there areoccasions where non- successful response codeswill slip through, especially when authentication is involved(response codes 401 and 407).
If this option is used twice, the second will again disable silent failure.
--ftp-account [data] (FTP) When an FTP server asks for"account data" after user name and password has been provided, this data is sentoff using the ACCT command. (Added in 7.13.0)
If this option is used twice, thesecond will override the pre鈥? vious use.
--ftp-create-dirs (FTP) When an FTP or SFTPURL/operation uses a path that doesn鈥檛 currently exist on the server,the standard behavior of curl is to fail. Using this option, curl will insteadattempt to create missing directories.
If this option is usedtwice, the second will again disable directory creation.
--ftp-method [method] (FTP) Control what method curl should use to reach a file on a FTP(S) server. The methodargument should be one of the follow鈥? ingalternatives:
multicwd curl does a single CWD operation for eachpath part in the given URL. For deephierarchies this means very many commands. This is how RFC1738 says it should be done. This is the default butthe slowest behavior.
nocwd curl does no CWD at all. curl will do SIZE, RETR, STOR etc and give a full pathto the server for all these com鈥? mands. This is the fastestbehavior.
singlecwd curl does one CWD with thefull target directory and then operates on the file "normally" (like in the multicwd case). This is somewhat more standards compliant than 鈥檔ocwd鈥?but without the full penalty of 鈥檓ulticwd鈥?
--ftp-pasv (FTP) Use PASV when transferring. PASV is the internal default behavior, but using this optioncan be used to override a previ鈥? ous --ftp-port option. (Added in7.11.0)
If this option is used several times, thefollowing occurrences make no difference.
--ftp-alternative-to-user<command> (FTP) If authenticating with theUSER and PASS commands fails, send this command. When connecting to Tumbleweed鈥檚 Secure Transport server over FTPSusing a client certificate, using "SITE AUTH" will tell the server to retrieve the username from the certificate. (Added in7.15.5)
--ftp-skip-pasv-ip (FTP) Tell curl to not use the IPaddress the server suggests in its response to curl鈥檚PASV command when curl connects the data connection. Instead curl willre-use the same IP address it already uses for the controlconnection. (Added in 7.14.2)
This option has no effect if PORT, EPRT or EPSV isused instead of PASV.
If this option is used twice,the second will again use the server鈥檚suggested address.
--ftp-ssl (FTP) Try touse SSL/TLS for the FTP connection. Reverts to a non-secure connection if the server doesn鈥檛 support SSL/TLS. See also --ftp-ssl-control and--ftp-ssl-reqd for different lev鈥? els of encryption required.(Added in 7.11.0)
If this option is usedtwice, the second will again disable this.
--ftp-ssl-control (FTP) Require SSL/TLS for the ftp login, clear for transfer. Allows secure authentication, butnon-encrypted data transfers for efficiency. Fails the transfer if the server doesn鈥檛 sup鈥? portSSL/TLS. (Added in 7.16.0)
If this option is usedtwice, the second will again disable this.
--ftp-ssl-reqd (FTP) Require SSL/TLS for the FTPconnection. Terminates the connection if the server doesn鈥檛 support SSL/TLS. (Added in 7.15.5)
If this option is used twice, the second will again disable this.
--ftp-ssl-ccc (FTP) Use CCC (Clear CommandChannel) Shuts down the SSL/TLS layer after authenticating. Therest of the control channel com鈥? munication will be unencrypted.This allows NAT routers to fol鈥? low the FTPtransaction. The default mode is passive. See --ftp- ssl-ccc-mode for othermodes. (Added in 7.16.1)
If this option is usedtwice, the second will again disable this.
--ftp-ssl-ccc-mode [active/passive] (FTP) Use CCC (Clear Command Channel) Sets the CCC mode. The passive mode will not initiatethe shutdown, but instead wait for the server to do it, and willnot reply to the shutdown from the server. The active modeinitiates the shutdown and waits for a reply from the server. (Added in 7.16.2)
-F/--form <name=content> (HTTP) This lets curl emulate a filled in form in which a user has pressed the submit button.This causes curl to POST data using the Content-Typemultipart/form-data according to RFC1867. This enables uploading of binaryfiles etc. To force the 鈥檆on鈥? tent鈥?part to be a file, prefix the file name with an @ sign. To just get the content part from afile, prefix the file name with the letter <. The difference between @ and < is then that @ makes a file get attached in thepost as a file upload, while the < makes a text field andjust get the contents for that text field from a file.
Example, to send your password file to the server, where 鈥檖assword鈥? is the name of the form-field to which /etc/passwd will be the input:
curl -F password=@/etc/passwdwww.mypasswords.com
To read the file鈥檚 content from stdin instead of a file, use - where the file name should鈥檝e been. This goes for both @and < constructs.
You can also tell curl what Content-Type to use by using 鈥檛ype=鈥? in a manner similar to:
curl -F"web=@index.html;type=text/html" url.com
or
curl -F"name=daniel;type=text/foo" url.com
You can also explicitly change the name field ofan file upload part by setting filename=, likethis:
curl -F"file=@localfile;filename=nameinpost" url.com
See further examples and detailsin the MANUAL.
This option can be used multipletimes.
--form-string <name=string> (HTTP) Similar to --form exceptthat the value string for the named parameter is used literally. Leading 鈥橜鈥?and 鈥?鈥?charac鈥? ters, and the 鈥?type=鈥?string in the value have no specialmean鈥? ing. Use this in preference to --form if there鈥檚any possibility that the string value may accidentallytrigger the 鈥橜鈥?or 鈥?鈥? features of--form.
-g/--globoff This option switches off the"URL globbing parser". When you set this option, you can specify URLsthat contain the letters {}[] without having them being interpreted by curl itself. Note that these letters are not normallegal URL contents but they should be encoded according to the URIstandard.
-G/--get When used, this option will make all data specified with -d/--data or --data-binary to beused in a HTTP GET request instead of the POST request that otherwisewould be used. The data will be appended to the URLwith a 鈥?鈥? separator.
If used in combination with -I,the POST data will instead be appended to the URL with a HEADrequest.
If this option is used several times, thefollowing occurrences make no difference.
-h/--help Usage help.
-H/--header <header> (HTTP) Extra header to use whengetting a web page. You may specify any number of extraheaders. Note that if you should add a custom header that has the samename as one of the internal ones curl would use, your externally set header will be used instead of the internal one. Thisallows you to make even trick鈥? ier stuff than curl would normally do. Youshould not replace internally set headers without knowing perfectly well what you鈥檙e doing. Remove an internal header by giving areplacement without content on the right side of the colon, as in: -H "Host:".
curl will make sure that each header youadd/replace get sent with the proper end of linemarker, you should thus not add that as a part of the header content:do not add newlines or carriage returns they will only messthings up for you.
See also the -A/--user-agent and-e/--referer options.
This option can be used multiple times to add/replace/remove multiple headers.
--ignore-content-length (HTTP) Ignore the Content-Length header. Thisis particularly useful for servers running Apache1.x, which will report incor鈥? rectContent-Length for files larger than 2 gigabytes.
-i/--include (HTTP) Include the HTTP-header in the output.The HTTP-header includes things like server-name,date of the document, HTTP- version and more...
If this option is used twice, the second will again disable header include.
--interface <name> Perform an operation using aspecified interface. You can enter interface name, IP address or host name. An example could look like:
If this option is used severaltimes, the last one will be used.
-I/--head (HTTP/FTP/FILE) Fetch theHTTP-header only! HTTP-servers feature the command HEAD which this usesto get nothing but the header of a document. When used on a FTP orFILE file, curl displays the file size and lastmodification time only.
If this option is usedtwice, the second will again disable header only.
-j/--junk-session-cookies (HTTP) When curl is told to readcookies from a given file, this option will make it discardall "session cookies". This will basically have the same effect as if a new session is started. Typical browsers alwaysdiscard session cookies when they鈥檙e closed down.
If this option is used several times, eachoccurrence will tog鈥? gle this on/off.
-k/--insecure (SSL) This option explicitlyallows curl to perform "insecure" SSL connections and transfers.All SSL connections are attempted to be made secure by using the CAcertificate bundle installed by default. This makes all connectionsconsidered "insecure" to fail unless -k/--insecure isused.
See this online resource for further details:
If this option is used twice, thesecond time will again disable it.
--key <key> (SSL/SSH) Private key file name.Allows you to provide your pri鈥? vate key in this separate file.
If this option is used severaltimes, the last one will be used.
--key-type <type> (SSL) Private key file type.Specify which type your --key pro鈥? vided private key is. DER, PEM and ENG are supported. If not specified, PEM is assumed.
If this option is used severaltimes, the last one will be used.
--krb <level> (FTP) Enable Kerberos authentication and use. Thelevel must be entered and should be one of 鈥檆lear鈥? 鈥檚afe鈥? 鈥檆onfidential鈥? or 鈥檖rivate鈥? Should you use a level that is not one of these, 鈥檖rivate鈥?will instead be used.
This option requires that thelibrary was built with kerberos4 or GSSAPI (GSS-Negotiate) support. This is notvery common. Use -V/--version to see if your curlsupports it.
If this option is used severaltimes, the last one will be used.
-K/--config <config file> Specify which config file to read curl argumentsfrom. The con鈥? fig file is a text file in whichcommand line arguments can be written which then will be used as if they were written on the actual command line. Options andtheir parameters must be speci鈥? fied on thesame config file line. If the parameter is to con鈥? tain white spaces, the parametermust be enclosed within quotes. If the first column of a config line is a 鈥?鈥?character, the rest of the line will be treatedas a comment. Only write one option per physical line in theconfig file.
Specify the filename to-K/--config as 鈥?鈥?to make curlread the file from stdin.
Note that to be able to specify aURL in the config file, you need to specify it using the --url option, and not by simply writing the URL on its own line.So, it could look similar to this:
url ="http://curl.haxx.se/docs/"
Long option names can optionally be given in the config file without the initial doubledashes.
When curl is invoked, it always(unless -q is used) checks for a default config file and uses it if found. The default config file is checked for in thefollowing places in this order:
1) curl tries to find the"home dir": It first checks for the CURL_HOME and then the HOMEenvironment variables. Failing that, it uses getpwuid() on unix-likesystems (which returns the home dir given the current user in your system). OnWindows, it then checks for the APPDATA variable,or as a last resort the 鈥?USER鈥? PROFILE%0lication Data鈥?
2) On windows, if there is no _curlrc file in the home dir, it checks for one in the same dirthe executable curl is placed. On unix-like systems, it will simply try to load .curlrc from the determined home dir.
# --- Example file --- # this is a comment url = "curl.haxx.se" output ="curlhere.html" user-agent ="superagent/1.0"
# and fetch another URL too url ="curl.haxx.se/docs/manpage.html" -O referer ="http://nowhereatall.com/" # --- End of example file ---
This option can be used multipletimes to load multiple config files.
--libcurl <file> Append this option to any ordinary curlcommand line, and you will get a libcurl-using sourcecode written to the file that does the equivalent operation of what your command line opera鈥? tion does!
If this option is used severaltimes, the last given file name will be used.
--limit-rate <speed> Specify the maximum transfer rate you want curl to use. This feature is useful if you have alimited pipe and you鈥檇 like your transfer not use your entirebandwidth.
The given speed is measured in bytes/second,unless a suffix is appended. Appending 鈥檏鈥?or 鈥橩鈥?will count the number as kilo鈥? bytes, 鈥檓鈥? or M鈥?makes it megabyteswhile 鈥檊鈥?or 鈥橤鈥?makes it gigabytes. Examples: 200K, 3m and1G.
The given rate is the average speed,counted during the entire transfer. It means that curlmight use higher transfer speeds in short bursts, but over time ituses no more than the given rate. If you are also using the -Y/--speed-limit option, that option will take precedence and might cripple the rate-limiting slightly, to help keeping thespeed-limit logic working.
If this option is used severaltimes, the last one will be used.
-l/--list-only (FTP) When listing an FTPdirectory, this switch forces a name- only view. Especially useful if you want to machine-parse the contents of an FTP directorysince the normal directory view doesn鈥檛use a standard look or format.
This option causes an FTP NLST command to be sent. Some FTP servers list only files in theirresponse to NLST; they do not include subdirectories andsymbolic links.
If this option is used twice, thesecond will again disable list only.
--local-port <num>[-num] Set a preferred number or rangeof local port numbers to use for the connection(s). Note that port numbers by nature is a scarce resource that will be busy attimes so setting this range to something too narrow might cause unnecessaryconnection setup failures. (Added in 7.15.2)
-L/--location (HTTP/HTTPS) If the serverreports that the requested page has moved to a different location(indicated with a Location: header and a 3XX response code) thisoption will make curl redo the request on the new place. If used together with-i/--include or -I/--head, headers from allrequested pages will be shown. When authentication is used, curl only sends its credentials to the initial host. If a redirect takescurl to a different host, it won鈥檛 be able to intercept the user+password. See also --loca鈥? tion-trusted onhow to change this. You can limit the amount of redirects to follow by using the--max-redirs option.
When curl follows a redirect and the request isnot a plain GET (for example POST or PUT), itwill do the following request with a GET if the HTTP response was301, 302, or 303. If the response code was any other 3xx code, curl will re-send the following request using the same unmodifiedmethod.
If this option is used twice, the second will again disable location following.
--location-trusted (HTTP/HTTPS) Like -L/--location,but will allow sending the name + password to all hosts that the site may redirect to. This may or may not introduce a securitybreach if the site redirects you do a site to which you鈥檒l send your authentication info (which is plaintext in the case of HTTPBasic authentication).
If this option is usedtwice, the second will again disable location following.
--max-filesize <bytes> Specify the maximum size (in bytes) of a fileto download. If the file requested is larger thanthis value, the transfer will not start and curl will returnwith exit code 63.
NOTE: The file size is not always known prior to download, and for such files this option has noeffect even if the file trans鈥? fer ends up being larger than this givenlimit. This concerns both FTP and HTTP transfers.
-m/--max-time <seconds> Maximum time in seconds that youallow the whole operation to take. This is useful for preventing your batchjobs from hang鈥? ing for hours due to slow networks or links going down. See also the --connect-timeoutoption.
If this option is used severaltimes, the last one will be used.
-M/--manual Manual. Display the huge helptext.
-n/--netrc Makes curl scan the .netrc filein the user鈥檚 home directory for login name and password. This istypically used for ftp on unix. If used with http, curl will enable user authentication. See netrc(4) or ftp(1) for details onthe file format. Curl will not complain if that file hasn鈥檛 the right permissions (it should not be world nor group readable). The environmentvariable "HOME" is used to findthe home directory.
A quick and very simple exampleof how to setup a .netrc to allow curl to ftp to the machine host.domain.comwith user name 鈥檓yself鈥?and password 鈥檚ecret鈥?should look similar to:
machine host.domain.com loginmyself password secret
If this option is usedtwice, the second will again disable netrc usage.
--netrc-optional Very similar to --netrc, but this option makes the.netrc usage optional and not mandatory as the--netrc does.
--negotiate (HTTP) Enables GSS-Negotiateauthentication. The GSS-Negotiate method was designed by Microsoftand is used in their web appli鈥? cations. It is primarily meant as a support for Kerberos5 authentication but may be alsoused along with another authenti鈥? cation methods. For more information see IETF draft draft- brezak-spnego-http-04.txt.
This option requires that thelibrary was built with GSSAPI sup鈥? port. This is not very common.Use -V/--version to see if your version supports GSS-Negotiate.
When using this option, you must also provide a fake -u/--user option to activate theauthentication code properly. Sending a 鈥?u :鈥? is enough as the user name and password from the -u option aren鈥檛actually used.
If this option is used severaltimes, the following occurrences make no difference.
-N/--no-buffer Disables the buffering of theoutput stream. In normal work sit鈥? uations, curl will use a standardbuffered output stream that will have the effect that it willoutput the data in chunks, not necessarily exactly when the dataarrives. Using this option will disable that buffering.
If this option is used twice, the secondwill again switch on buffering.
--no-sessionid (SSL) Disable curl鈥檚 use of SSL session-ID caching. By default all transfers are done using the cache. Note thatwhile nothing ever should get hurt byattempting to reuse SSL session-IDs, there seem to be broken SSL implementationsin the wild that may require you to disable this inorder for you to succeed. (Added in 7.16.0)
If this option is used twice, the secondwill again switch on use of the session cache.
--ntlm (HTTP) Enables NTLM authentication. The NTLM authentication method was designed by Microsoftand is used by IIS web servers. It is a proprietary protocol,reversed engineered by clever peo鈥? ple and implemented in curl basedon their efforts. This kind of behavior should not be endorsed,you should encourage everyone who uses NTLM to switch to a public and documented authentica鈥? tion methodinstead. Such as Digest.
If you want to enable NTLM foryour proxy authentication, then use --proxy-ntlm.
This option requires that the library was built with SSL sup鈥? port. Use-V/--version to see if your curl supports NTLM.
If this option is used severaltimes, the following occurrences make no difference.
-o/--output <file> Write output to <file>instead of stdout. If you are using {} or [] to fetch multiple documents,you can use 鈥?鈥? followed by a number in the<file> specifier. That variable will be replaced with the current string for theURL being fetched. Like in:
curl http://{one,two}.site.com-o "file_#1.txt"
or use several variables like:
curlhttp://{site,host}.host[1-5].com -o "#1_#2"
You may use this option as manytimes as you have number of URLs.
See also the --create-dirs option to create the local directo鈥? riesdynamically.
-O/--remote-name Write output to a local filenamed like the remote file we get. (Only the file part of the remote file is used, thepath is cut off.)
The remote file name to use forsaving is extracted from the given URL, nothing else.
You may use this option as many times as you have number of URLs.
--pass <phrase> (SSL/SSH) Pass phrase for theprivate key
If this option is used severaltimes, the last one will be used.
--proxy-anyauth Tells curl to pick a suitable authentication methodwhen commu鈥? nicating with the given proxy. This will cause an extra request/response round-trip.(Added in 7.13.2)
If this option is used twice, the second willagain disable the proxy use-any authentication.
--proxy-basic Tells curl to use HTTP Basicauthentication when communicating with the given proxy. Use --basicfor enabling HTTP Basic with a remote host. Basic is the default authentication method curl uses with proxies.
If this option is used twice, the second will again disable proxy HTTP Basic authentication.
--proxy-digest Tells curl to use HTTP Digestauthentication when communicating with the given proxy. Use--digest for enabling HTTP Digest with a remote host.
If this option is usedtwice, the second will again disable proxy HTTP Digest.
--proxy-ntlm Tells curl to use HTTP NTLM authenticationwhen communicating with the given proxy. Use --ntlmfor enabling NTLM with a remote host.
If this option is used twice, the second will again disable proxy HTTP NTLM. -p/--proxytunnel When an HTTP proxy is used (-x/--proxy),this option will cause non-HTTP protocols to attempt to tunnel through the proxy instead of merely using it to doHTTP-like operations. The tun鈥? nel approach is made with the HTTP proxy CONNECT request and requires that the proxy allowsdirect connect to the remote port number curl wants to tunnelthrough to.
If this option is used twice, the second will again disable proxy tunnel.
--pubkey <key> (SSH) Public key file name.Allows you to provide your public key in this separate file.
If this option is used severaltimes, the last one will be used.
-P/--ftp-port <address> (FTP) Reverses theinitiator/listener roles when connecting with ftp. This switch makes Curl use the PORT command instead of PASV. In practise, PORTtells the server to connect to the client鈥檚 specified address and port, while PASV asksthe server for an ip address and port toconnect to. <address> should be one of:
interface i.e "eth0" to specify which interface鈥檚 IP address you want to use (Unix only)
IP address i.e"192.168.10.1" to specify exact IP number
host name i.e"my.host.domain" to specify machine
- make curl pick the same IP address thatis already used for the control connection
If this option is used severaltimes, the last one will be used. Dis鈥? able the use of PORT with --ftp-pasv.Disable the attempt to use the EPRT command instead of PORT by using --disable-eprt. EPRT isreally PORT++.
-q If used as the first parameter on the command line, the curlrc config file will not be read and used. See the -K/--config for details on the default configfile search path.
-Q/--quote <command> (FTP/SFTP) Send an arbitrary command tothe remote FTP or SFTP server. Quote commands are sent BEFORE thetransfer is taking place (just after the initial PWDcommand in an FTP transfer, to be exact). To make commands takeplace after a successful trans鈥? fer, prefix them with a dash 鈥?鈥? To make commands get sent after libcurl has changed working directory, just before the transfer command(s), prefix thecommand with 鈥?鈥?(this is only supported for FTP). You may specify any number of commands. If the server returns failure forone of the commands, the entire operation will be aborted. You must send syntactically correct FTP commands as RFC959 defines toFTP servers, or one of the following commands (withappropriate arguments) to SFTP servers: chgrp, chmod, chown, ln, mkdir,rename, rm, rmdir, symlink.
This option can be used multiple times.
--random-file <file> (SSL) Specify the path name tofile containing what will be con鈥? sidered as random data. The data is used to seed the random engine for SSL connections. See also the --egd-file option.
-r/--range <range> (HTTP/FTP) Retrieve a byte range(i.e a partial document) from a HTTP/1.1 or FTPserver. Ranges can be specified in a number of ways.
0-499 specifies the first 500 bytes
500-999 specifies the second 500 bytes
-500 specifies the last 500 bytes
9500- specifies the bytes from offset 9500 andforward
0-0,-1 specifies the first and last byteonly(*)(H)
500-700,600-799 specifies 300 bytesfrom offset 500(H)
100-199,500-599 specifies two separate 100bytes ranges(*)(H)
(*) = NOTE that this will cause theserver to reply with a multipart response!
Only digit characters (0-9) are valid in 鈥檚tart鈥?and 鈥檚top鈥?of range syntax 鈥檚tart-stop鈥? If a non-digit character is given in the range, the server鈥檚 response will be indeterminable,depending on different server鈥檚configuration.
You should also be aware that manyHTTP/1.1 servers do not have this feature enabled, so that when you attempt to get a range, you鈥檒l instead get the whole document.
FTP range downloads only support the simple syntax 鈥檚tart-stop鈥? (optionally with oneof the numbers omitted). It depends on the non-RFC command SIZE.
If this option is used several times,the last one will be used.
--raw When used, it disables all internal HTTP decoding of content or transfer encodings and instead makes them passed on unaltered, raw. (Added in 7.16.2)
If this option is used severaltimes, each occurrence toggles this on/off.
-R/--remote-time When used, this will make libcurl attempt to figure out the timestamp of the remote file, andif that is available make the local file get that sametimestamp.
If this option is used twice, the second time disables this again.
--retry <num> If a transient error is returnedwhen curl tries to perform a transfer, it will retry this number of times before giving up. Setting the number to 0 makes curl do noretries (which is the default). Transient error means either: a timeout, anFTP 5xx response code or an HTTP 5xxresponse code.
When curl is about to retry atransfer, it will first wait one second and then for all forthcoming retries it will double the waiting time until it reaches 10minutes which then will be the delay between the rest of the retries. By using--retry-delay you disable this exponential backoff algorithm. See also --retry-max-time to limit the total time allowed forretries. (Added in 7.12.3)
If this option is used multiple times, the last occurrence decide the amount.
--retry-delay <seconds> Make curl sleep this amount of time betweeneach retry when a transfer has failed with a transient error (it changes the default backoff time algorithm between retries). Thisoption is only interesting if --retry isalso used. Setting this delay to zero will make curl use the default backoff time. (Added in 7.12.3)
If this option is used multiple times, the last occurrence decide the amount.
--retry-max-time <seconds> The retry timer is reset before the first transferattempt. Retries will be done as usual(see --retry) as long as the timer hasn鈥檛reached this given limit. Notice that if the timer hasn鈥檛 reached the limit, the requestwill be made and while perform鈥? ing, it may take longer than this given timeperiod. To limit a single request麓s maximum time, use -m/--max-time. Set this option to zero to not timeoutretries. (Added in 7.12.3)
If this option is used multiple times, the lastoccurrence decide the amount.
-s/--silent Silent mode. Don鈥檛show progress meter or error messages. Makes Curl mute.
If this option is used twice, the second will again disable silent mode.
-S/--show-error When used with -s it makes curlshow error message if it fails. If this option is used twice, thesecond will again disable show error.
--socks4 <host[:port]> Use the specified SOCKS4 proxy.If the port number is not speci鈥? fied, it is assumed at port 1080.(Added in 7.15.2)
This option overrides any previous use of-x/--proxy, as they are mutually exclusive.
If this option is used severaltimes, the last one will be used.
--socks5 <host[:port]> Use the specified SOCKS5 proxy.If the port number is not speci鈥? fied, it is assumed at port 1080.(Added in 7.11.1)
This option overrides anyprevious use of -x/--proxy, as they are mutually exclusive.
If this option is used severaltimes, the last one will be used. (This option was previously wrongly documented and used as --socks without the numberappended.)
--stderr <file> Redirect all writes to stderr to the specified fileinstead. If the file name is a plain 鈥?鈥? it is instead written to stdout. This option has no point when you鈥檙e using a shell withdecent redirecting capabilities.
If this option is used severaltimes, the last one will be used.
--tcp-nodelay Turn on the TCP_NODELAY option. See thecurl_easy_setopt(3) man page for details about thisoption. (Added in 7.11.2)
If this option is used severaltimes, each occurrence toggles this on/off.
-t/--telnet-option <OPT=val> Pass options to the telnetprotocol. Supported options are:
TTYPE=<term> Sets theterminal type.
XDISPLOC=<X display> Setsthe X display location.
NEW_ENV=<var,val> Sets anenvironment variable.
-T/--upload-file <file> This transfers the specified local file to theremote URL. If there is no file part in thespecified URL, Curl will append the local file name. NOTE that youmust use a trailing / on the last directory to really prove to Curlthat there is no file name or curl will think that your lastdirectory name is the remote file name to use. That will mostlikely cause the upload operation to fail. If this is used on a http(s) server, the PUTcommand will be used.
Use the file name "-"(a single dash) to use stdin instead of a given file.
You can specify one -T for eachURL on the command line. Each -T + URL pair specifies what toupload and to where. curl also sup鈥? ports "globbing" of the-T argument, meaning that you can upload multiple files to a single URL byusing the same URL globbing style supported in the URL, likethis:
curl -T "{file1,file2}"http://www.uploadtothissite.com
or even
--trace <file> Enables a full trace dump of all incoming and outgoing data, including descriptiveinformation, to the given output file. Use "-" as filename to havethe output sent to stdout.
This option overrides previous uses of-v/--verbose or --trace- ascii.
If this option is used severaltimes, the last one will be used.
--trace-ascii <file> Enables a full trace dump of all incoming and outgoing data, including descriptiveinformation, to the given output file. Use "-" as filename to havethe output sent to stdout.
This is very similar to --trace,but leaves out the hex part and only shows the ASCII part of thedump. It makes smaller output that might be easier to read foruntrained humans.
This option overrides previous uses of-v/--verbose or --trace. If this option is used several times,the last one will be used.
--trace-time Prepends a time stamp to each trace orverbose line that curl displays. (Added in 7.14.0)
If this option is used severaltimes, each occurrence will tog鈥? gle it on/off.
-u/--user <user:password> Specify user and password to usefor server authentication. Overrides -n/--netrc and--netrc-optional.
If you use an SSPI-enabled curlbinary and do NTLM authentica鈥? tion, you can force curl to pick up the user name and password from your environment by simplyspecifying a single colon with this option: "-u :".
If this option is used severaltimes, the last one will be used.
-U/--proxy-user <user:password> Specify user and password to usefor proxy authentication.
If you use an SSPI-enabled curlbinary and do NTLM authentica鈥? tion, you can force curl to pick up the user name and password from your environment by simplyspecifying a single colon with this option: "-U :".
If this option is used several times,the last one will be used.
--url <URL> Specify a URL to fetch. Thisoption is mostly handy when you want to specify URL(s) in aconfig file.
This option may be used any number of times.To control where this URL is written, use the-o/--output or the -O/--remote-name options.
-v/--verbose Makes the fetching more verbose/talkative. Mostly usable for debugging. Lines starting with 鈥?鈥?means "header data" sent by curl, 鈥?鈥?means "header data" received by curl that is hidden in normal cases and lines startingwith 鈥?鈥?means additional info provided by curl.
Note that if you only want HTTP headers in the output, -i/--include might be option you鈥檙e looking for.
If you think this option stilldoesn鈥檛 give you enough details, consider using --trace or--trace-ascii instead.
This option overrides previoususes of --trace-ascii or --trace. If this option is used twice, thesecond will do nothing extra.
-V/--version Displays information about curland the libcurl version it uses. The first line includes the fullversion of curl, libcurl and other 3rd party libraries linkedwith the executable.
The second line (starts with"  rotocols:") shows all protocols that libcurl reports to support.
The third line (starts with"Features:") shows specific features libcurl reports to offer.Available features include:
IPv6 You can use IPv6 with this.
krb4 Krb4 for ftp is supported.
SSL HTTPS and FTPS are supported.
libz Automatic decompression of compressed files over HTTP is supported.
NTLM NTLM authentication is supported.
GSS-Negotiate Negotiate authenticationand krb5 for ftp is supported.
Debug This curl uses a libcurl built withDebug. This enables more error-tracking and memory debugging etc. For curl- developers only!
AsynchDNS This curl usesasynchronous name resolves.
SPNEGO SPNEGO Negotiateauthentication is supported.
Largefile This curl supportstransfers of large files, files larger than 2GB.
IDN This curl supports IDN - internationaldomain names.
SSPI SSPI is supported. If you use NTLM andset a blank user name, curl willauthenticate with your current user and password.
-w/--write-out <format> Defines what to display on stdoutafter a completed and success鈥? ful operation. The format is astring that may contain plain text mixed with any number ofvariables. The string can be spec鈥? ified as "string", toget read from a particular file you spec鈥? ify it "@filename" and to tell curl to read the format from stdin you write "@-".
The variables present in theoutput format will be substituted by the value or text that curl thinks fit, as described below. All variables are specified like%{variable_name} and to output a normal % you just write themlike %%. You can output a newline by using \n, a carriage returnwith \r and a tab space with \t. NOTE: The %-letter is a specialletter in the win32-environment, where all occurrences of % must be doubled when using this option.
Available variables are at thispoint:
url_effective The URL that was fetched last. This is mostly meaningful if you鈥檝e told curl to follow loca鈥? tion: headers.
http_code The numerical code that was found in the last retrieved HTTP(S)page.
http_connect The numerical code that was found in the last response (from a proxy) to a curl CONNECT request. (Added in7.12.4)
time_total The total time, in seconds, that thefull opera鈥? tion lasted. Thetime will be displayed with mil鈥? lisecondresolution.
time_namelookup The time, inseconds, it took from the start until the nameresolving was completed.
time_connect The time, in seconds, it took from the start until the connectto the remote host (or proxy) was completed.
time_pretransfer The time, in seconds, it took from the start until the filetransfer is just about to begin. This includes allpre-transfer commands and nego鈥? tiations that arespecific to the particular pro鈥? tocol(s) involved.
time_redirect The time, in seconds, it took for allredirection steps include namelookup, connect, pretransfer and transfer before final transaction was started.time_redirect shows the complete execu鈥? tion time for multiple redirections. (Added in 7.12.3)
time_starttransfer The time, inseconds, it took from the start until the first byte is just about to be trans鈥? ferred. This includestime_pretransfer and also the time the server needs to calculate the result.
size_download The total amount of bytes that weredownloaded.
size_upload The total amount of bytes that wereuploaded.
size_header The total amount of bytes of the downloadedhead鈥? ers.
size_request The total amount of bytes that weresent in the HTTP request.
speed_download The averagedownload speed that curl measured for the completedownload.
speed_upload The average upload speed that curlmeasured for the completeupload.
content_type The Content-Type of the requested document, if there was any.
num_connects Number of new connects made in the recent trans鈥? fer. (Added in7.12.3)
num_redirects Number of redirects that were followed in the request. (Added in7.12.3)
ftp_entry_path The initial path libcurlended up in when logging on to the remoteFTP server. (Added in 7.15.4)
If this option is used several times,the last one will be used.
-x/--proxy <proxyhost[:port]> Use specified HTTP proxy. If theport number is not specified, it is assumed at port 1080.
This option overrides existing environment variables that sets proxy to use. If there鈥檚 an environment variable setting a proxy, you can set proxy to"" to override it.
Note that all operations that are performedover a HTTP proxy will transparently be convertedto HTTP. It means that certain protocol specific operationsmight not be available. This is not the case if you can tunnelthrough the proxy, as done with the -p/--proxytunnel option.
Starting with 7.14.1, the proxy host can be specifiedthe exact same way as the proxyenvironment variables, include protocol prefix (http://) and embeddeduser + password.
If this option is used severaltimes, the last one will be used.
-X/--request <command> (HTTP) Specifies a custom requestmethod to use when communicat鈥? ing with the HTTP server. The specified request will be used instead of the method otherwiseused (which defaults to GET). Read the HTTP 1.1 specificationfor details and explanations.
(FTP) Specifies a custom FTPcommand to use instead of LIST when doing file lists with ftp.
If this option is used severaltimes, the last one will be used.
-y/--speed-time <time> If a download is slower thanspeed-limit bytes per second during a speed-time period, the downloadgets aborted. If speed-time is used, the default speed-limitwill be 1 unless set with -y.
This option controls transfers and thus will not affect slow connects etc. If this is aconcern for you, try the --connect- timeout option.
If this option is used severaltimes, the last one will be used.
-Y/--speed-limit <speed> If a download is slower than thisgiven speed, in bytes per sec鈥? ond, for speed-time seconds it getsaborted. speed-time is set with -Y and is 30 if not set.
If this option is used severaltimes, the last one will be used.
-z/--time-cond <date expression> (HTTP/FTP) Request a file that has been modified laterthan the given time and date, or one thathas been modified before that time. The date expression can beall sorts of date strings or if it doesn鈥檛 match any internal ones, it tries to get the time from a given file name instead! See the curl_getdate(3) man pages for date expressiondetails.
Start the date expression with adash (-) to make it request for a document that is older than the given date/time, default is a document that is newer than thespecified date/time.
If this option is used severaltimes, the last one will be used.
--max-redirs <num> Set maximum number of redirection-followings allowed. If -L/--location is used, thisoption can be used to prevent curl from following redirections"in absurdum". By default, the limit is set to 50 redirections. Setthis option to -1 to make it lim鈥? itless.
If this option is used severaltimes, the last one will be used.
-0/--http1.0 (HTTP) Forces curl to issue itsrequests using HTTP 1.0 instead of using its internallypreferred: HTTP 1.1.
-1/--tlsv1 (SSL) Forces curl to use TSL version 1 when negotiating with a remote TLS server.
-2/--sslv2 (SSL) Forces curl to use SSLversion 2 when negotiating with a remote SSL server.
-3/--sslv3 (SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL server.
-4/--ipv4 If libcurl is capable ofresolving an address to multiple IP versions (which it is if it is ipv6-capable), thisoption tells libcurl to resolve names to IPv4addresses only.
-6/--ipv6 If libcurl is capable ofresolving an address to multiple IP versions (which it is if it is ipv6-capable), thisoption tells libcurl to resolve names to IPv6 addressesonly.
-#/--progress-bar Make curl display progressinformation as a progress bar instead of the default statistics.
If this option is used twice, the second willagain disable the progress bar.
FILES ~/.curlrc Default config file, see-K/--config for details.
ENVIRONMENT http_proxy[protocol://]<host>[:port] Sets proxy server to use forHTTP.
HTTPS_PROXY[protocol://]<host>[:port] Sets proxy server to use forHTTPS.
FTP_PROXY[protocol://]<host>[:port] Sets proxy server to use for FTP.
ALL_PROXY[protocol://]<host>[:port] Sets proxy server to use if noprotocol-specific proxy is set.
NO_PROXY <comma-separated list ofhosts> list of host names that shouldn鈥檛 go through any proxy. If set to a asterisk 鈥?鈥?only, it matches all hosts.
EXITCODES There exists a bunch of different error codes and theircorresponding error messages that may appear duringbad conditions. At the time of this writing, the exit codes are:
1 Unsupported protocol. This build of curl has no support for this protocol.
2 Failed to initialize.
3 URL malformat. The syntax was not correct.
4 URL user malformatted. The user-part of the URL syntax was not correct.
5 Couldn鈥檛 resolve proxy. The given proxy host could not be resolved.
6 Couldn鈥檛 resolve host. The given remote host wasnot resolved.
7 Failed to connect to host.
8 FTP weird server reply. The server sent data curl couldn鈥檛 parse.
9 FTP access denied. The server denied login or deniedaccess to the particular resource ordirectory you wanted to reach. Most often you tried to change to a directory that doesn鈥檛exist on the server.
10 FTP user/password incorrect. Either one or both were not accepted by the server.
11 FTP weird PASS reply. Curl couldn鈥檛 parse the reply sent to the PASS request.
12 FTP weird USER reply. Curl couldn鈥檛 parse thereply sent to the USER request.
13 FTP weird PASV reply, Curl couldn鈥檛 parse the reply sent to the PASV request.
14 FTP weird 227 format. Curl couldn鈥檛 parse the 227-line the server sent.
15 FTP can鈥檛 get host. Couldn鈥檛resolve the host IP we got in the 227-line.
16 FTP can鈥檛 reconnect. Couldn鈥檛 connect to the host we got in the 227-line.
17 FTP couldn鈥檛 set binary. Couldn鈥檛 change transfer method to binary.
18 Partial file. Only a part of the file was transferred.
19 FTP couldn鈥檛 download/access the given file, theRETR (or simi鈥? lar) command failed.
20 FTP write error. The transfer was reported bad by the server.
21 FTP quote error. A quote command returned error from the server. 22 HTTP page not retrieved. The requested url was not found or returned another error with the HTTP error code being 400 or above. This return code onlyappears if -f/--fail is used.
23 Write error. Curl couldn鈥檛 write data to alocal filesystem or similar.
24 Malformed user. User name badly specified.
25 FTP couldn鈥檛 STOR file. The server denied the STOR operation, used for FTP uploading.
26 Read error. Various reading problems.
27 Out of memory. A memory allocation request failed.
28 Operation timeout. The specified time-out period was reached according to the conditions.
29 FTP couldn鈥檛 set ASCII. The server returned anunknown reply.
30 FTP PORT failed. The PORT command failed. Not all FTP servers support the PORT command, try doing a transfer using PASV instead!
31 FTP couldn鈥檛 use REST. The REST command failed. This command is used for resumed FTP transfers.
32 FTP couldn鈥檛 use SIZE. The SIZE command failed.The command is an extension to the original FTPspec RFC 959.
33 HTTP range error. The range "command" didn鈥檛 work.
34 HTTP post error. Internal post-request generation error.
35 SSL connect error. The SSL handshaking failed.
36 FTP bad download resume. Couldn鈥檛 continue an earlier aborted download.
37 FILE couldn鈥檛 read file. Failed to open thefile. Permissions?
38 LDAP cannot bind. LDAP bind operation failed.
39 LDAP search failed.
40 Library not found. The LDAP library was not found.
41 Function not found. A required LDAP function was not found.
42 Aborted by callback. An application told curl to abort the oper鈥? ation.
43 Internal error. A function was called with a bad parameter.
44 Internal error. A function was called in a bad order.
45 Interface error. A specified outgoing interfacecould not be used.
46 Bad password entered. An error was signalled when the password was entered.
47 Too many redirects. When following redirects, curl hit the maxi鈥? mum amount.
48 Unknown TELNET option specified.
49 Malformed telnet option.
51 The remote peer鈥檚 SSL certificate wasn鈥檛 ok
52 The server didn鈥檛 reply anything, whichhere is considered an error.
53 SSL crypto engine not found
54 Cannot set SSL crypto engine as default
55 Failed sending network data
56 Failure in receiving network data
57 Share is in use (internal error)
58 Problem with the local certificate
59 Couldn鈥檛 use specified SSL cipher
60 Problem with the CA cert (path? permission?)
61 Unrecognized transfer encoding
62 Invalid LDAP URL
63 Maximum file size exceeded
64 Requested FTP SSL level failed
65 Sending the data requires a rewind that failed
66 Failed to initialise SSL Engine
67 User, password or similar was not accepted and curl failed to login
68 File not found on TFTP server
69 Permission problem on TFTP server
70 Out of disk space on TFTP server
71 Illegal TFTP operation
72 Unknown TFTP transfer ID
73 File already exists (TFTP)
74 No such user (TFTP)
75 Character conversion failed
76 Character conversion functions required
XX There will appear more error codes here in future releases. The existing ones are meant to neverchange.
AUTHORS/ CONTRIBUTORS Daniel Stenberg is the main author, but the whole list of contributors is found in the separate THANKS file.
WWW
FTP
SEE ALSO ftp(1), wget(1)
LATESTVERSION
You always find news about what's going on aswell as the latest versions from the curl web pages, located at:
SIMPLEUSAGE
Get the main page from Netscape's web-server:
Get the README file the user's home directoryat funet's ftp-server:
Get a web page from a server using port 8000:
Get a list of a directory of an FTP site:
Get the definition of curl from a dictionary:
curl dict://dict.org/m:curl
Fetch two documents at once:
Get a file off an FTPS server:
curlftps://files.are.secure.com/secrets.txt
or use the more appropriate FTPS way to getthe same file:
Get a file from an SSH server using SFTP:
Get a file from an SSH server using SCP usinga private key to authenticate:
curl -u username: --key ~/.ssh/id_dsa--pubkey ~/.ssh/id_dsa.pub \ scp://shell.example.com/~/personal.txt
DOWNLOADTO A FILE
Get a web page and store in a local file:
Get a web page and store in a local file,make the local file get the name of the remote document (if no file name partis specified in the URL, this will fail):
Fetch two files and store them with theirremote names:
USINGPASSWORDS
FTP
To ftp files using name+passwd, include themin the URL like:
or specify them with the -u flag like
FTPS
It is just like for FTP, but you may alsowant to specify and use SSL-specific options for certificates etc.
Note that using FTPS:// as prefix is the"implicit" way as described in the standards while the recommended"explicit" way is done by using FTP:// and the --ftp-ssl option.
HTTP
Curl also supports user and password in HTTPURLs, thus you can pick a file like:
or specify user and password separately likein
HTTP offers many different methods ofauthentication and curl supports several: Basic, Digest, NTLM and Negotiate.Without telling which method to use, curl defaults to Basic. You can alsoask curl to pick the most secure ones out of the ones that the server acceptsfor the given URL, by using --anyauth.
NOTE! Since HTTP URLs don't support user andpassword, you can't use that style when using Curl via a proxy. You_must_ use the -u style fetch during such circumstances.
HTTPS
Probably most commonly used with privatecertificates, as explained below.
PROXY
Get an ftp file using a proxy named my-proxythat uses port 888:
Get a file from a HTTP server that requiresuser and password, using the same proxy as above:
Some proxies require special authentication.Specify by using -U as above:
curl also supports SOCKS4 and SOCKS5 proxieswith --socks4 and --socks5.
See also the environment variables Curlsupport that offer further proxy control.
RANGES
With HTTP 1.1 byte-ranges were introduced.Using this, a client can request to get only one or more subparts of aspecified document. Curl supports this with the -r flag.
Get the first 100 bytes of a document:
Get the last 500 bytes of a document:
Curl also supports simple ranges for FTPfiles as well. Then you can only specify start and stop position.
Get the first 100 bytes of a document usingFTP:
UPLOADING
FTP
Upload all data on stdin to a specified ftpsite:
Upload data from a specified file, login withuser and password:
Upload a local file to the remote site, anduse the local file name remote too:
Upload a local file to get appended to theremote file using ftp:
Curl also supports ftp upload through aproxy, but only if the proxy is configured to allow that kind of tunneling.If it does, you can run curl in a fashion similar to:
curl --proxytunnel -x proxy:port -T localfileftp.upload.com
HTTP
Upload all data on stdin to a specified httpsite:
Note that the http server must have beenconfigured to accept PUT before this can be done successfully.
For other ways to do http data upload, seethe POST section below.
VERBOSE/ DEBUG
If curl fails where it isn't supposed to, ifthe servers don't let you in, if you can't understand the responses: usethe -v flag to get verbose fetching. Curl will output lots of info andwhat it sends and receives in order to let the user see all client-serverinteraction (but it won't show you the actual data).
To get even more details and information onwhat curl does, try using the --trace or --trace-ascii options with a givenfile name to log to, like this:
DETAILEDINFORMATION
Different protocols provide different ways ofgetting detailed information about specific files/documents. To get curlto show detailed information about a single file, you should use -I/--headoption. It displays all available info on a single file for HTTP andFTP. The HTTP information is a lot more extensive.
For HTTP, you can get the header information(the same as -I would show) shown before the data by using -i/--include.Curl understands the -D/--dump-header option when getting filesfrom both FTP and HTTP, and it will then store the headers in the specifiedfile.
Store the HTTP headers in a separate file(headers.txt in the example):
curl --dump-header headers.txtcurl.haxx.se
Note that headers stored in a separate filecan be very useful at a later time if you want curl to use cookies sent bythe server. More about that in the cookies section.
POST(HTTP)
It's easy to post data using curl. This isdone using the -d <data> option. The post data must be urlencoded.
Post a simple "name" and"phone" guestbook.
curl -d"name=Rafael%20Sagula&phone=3320780" \
How to post a form with curl, lesson #1:
Dig out all the <input> tags in theform that you want to fill in. (There's a perl program called formfind.pl on the curlsite that helps with this).
If there's a "normal" post, you use-d to post. -d takes a full "post string", which is in the format
<variable1>=<data1>&<variable2>=<data2>&...
The 'variable' names are the names set with"name=" in the <input> tags, and the data is the contents you want to fill infor the inputs. The data *must* be properly URL encoded. That means youreplace space with + and that you write weird letters with %XX where XX is thehexadecimal representation of the letter's ASCII code.
Example:
<form action="post.cgi"method="post"> <input name=user size=10> <input name=pass type=passwordsize=10> <input name=id type=hiddenvalue="blablabla"> <input name=dingvalue="submit"> </form>
We want to enter user 'foobar' with password'12345'.
To post to this, you enter a curl commandline like:
curl -d"user=foobar&pass=12345&id=blablabla&ding=submit" (continues)
While -d uses theapplication/x-www-form-urlencoded mime-type, generally understood by CGI's and similar, curl alsosupports the more capable multipart/form-data type. This latter typesupports things like file upload.
-F accepts parameters like -F"name=contents". If you want the contents to be read from a file, use <@filename> ascontents. When specifying a file, you can also specify the file content type byappending ';type=<mime type>' to the file name. You can also post thecontents of several files in one field. For example, the field name 'coolfiles' is used to send three files, with different content types using thefollowing syntax:
curl -F"coolfiles=@fil1.gif;type=image/gif,fil2.txt,fil3.html" \
If the content-type is not specified, curlwill try to guess from the file extension (it only knows a few), or use thepreviously specified type (from an earlier file if several files arespecified in a list) or else it will using the default type 'text/plain'.
Emulate a fill-in form with -F. Let's say youfill in three fields in a form. One field is a file name which to post,one field is your name and one field is a file description. We want to postthe file we have written named "cooltext.txt". To let curl do theposting of this data instead of your favourite browser, you have to read the HTMLsource of the form page and find the names of the input fields. In ourexample, the input field names are 'file', 'yourname' and 'filedescription'.
curl -F "file=@cooltext.txt"-F "yourname=Daniel" \ -F "filedescription=Cool textfile with cool text inside" \
To send two files in one post you can do itin two ways:
1. Send multiple files in a single"field" with a single field name:
curl -F "pictures=@dog.gif,cat.gif"
2. Send two fields with two field names:
curl -F "docpicture=@dog.gif"-F "catpicture=@cat.gif"
To send a field value literally withoutinterpreting a leading '@' or '<', or an embedded ';type=', use--form-string instead of -F. This is recommended when the value isobtained from a user or some other unpredictable source. Under thesecircumstances, using -F instead of --form-string would allow auser to trick curl into uploading a file.
REFERRER
A HTTP request has the option to includeinformation about which address that referred to actual page. Curl allows you to specify the referrer to be used on the command line. Itis especially useful to fool or trick stupid servers or CGI scriptsthat rely on that information being available or contain certain data.
NOTE: The referer field is defined in theHTTP spec to be a full URL.
USERAGENT
A HTTP request has the option to includeinformation about the browser that generated the request. Curl allows it tobe specified on the command line. It is especially useful to fool ortrick stupid servers or CGI scripts that only accept certain browsers.
Example:
curl -A 'Mozilla/3.0 (Win95; I)'http://www.nationsbank.com/
Other common strings: 'Mozilla/3.0 (Win95; I)' Netscape Version 3 for Windows 95 'Mozilla/3.04 (Win95; U)' Netscape Version 3 for Windows 95 'Mozilla/2.02 (OS/2; U)' Netscape Version 2 for OS/2 'Mozilla/4.04 [en] (X11; U; AIX 4.2;Nav)' NS for AIX 'Mozilla/4.05 [en] (X11; U; Linux 2.0.32i586)' NS for Linux
Note that Internet Explorer tries hard to becompatible in every way: 'Mozilla/4.0 (compatible; MSIE 4.01;Windows 95)' MSIE for W95
Mozilla is not the only possible User-Agentname: 'Konqueror/1.0' KDE File Manager desktop client 'Lynx/2.7.1 libwww-FM/2.14' Lynx commandline browser
COOKIES
Cookies are generally used by web servers tokeep state information at the client's side. The server sets cookies bysending a response line in the headers that looks like 'Set-Cookie:<data>' where the data part then typically contains a set of NAME=VALUE pairs(separated by semicolons ';' like "NAME1=VALUE1;NAME2=VALUE2;"). The server can also specify for what path the "cookie" should be usedfor (by specifying "path=value"), when the cookie should expire("expire=DATE"), for what domain to use it ("domain=NAME") and if it should beused on secure connections only ("secure").
If you've received a page from a server thatcontains a header like: Set-Cookie: sessionid=boo123;path="/foo";
it means the server wants that first pairpassed on when we get anything in a path beginning with "/foo".
Example, get a page that wants my name passedin a cookie:
curl -b "name=Daniel"www.sillypage.com
Curl also has the ability to use previouslyreceived cookies in following sessions. If you get cookies from a serverand store them in a file in a manner similar to:
curl --dump-header headerswww.example.com
... you can then in a second connect to that(or another) site, use the cookies from the 'headers' file like:
While saving headers to a file is a workingway to store cookies, it is however error-prone and not the preferred wayto do this. Instead, make curl save the incoming cookies using thewell-known netscape cookie format like this:
Note that by specifying -b you enable the"cookie awareness" and with -L you can make curl follow a location: (whichoften is used in combination with cookies). So that if a site sendscookies and a location, you can use a non-existing file to trigger the cookieawareness like:
The file to read cookies from must beformatted using plain HTTP headers OR as netscape's cookie file. Curl willdetermine what kind it is based on the file contents. In the above command, curl will parse theheader and store the cookies received fromwww.example.com. curl will send to theserver the stored cookies which match the request as itfollows the location. The file "empty.txt" may be anonexistent file.
Alas, to both read and write cookies from anetscape cookie file, you can set both -b and -c to use the same file:
curl -b cookies.txt -c cookies.txtwww.example.com
PROGRESSMETER
The progress meter exists to show a user thatsomething actually is happening. The different fields in the outputhave the following meaning:
% Total % Received % Xferd AverageSpeed Time Curr. Dload Upload Total Current Left Speed 0 151M 0 38608 0 0 9406 0 4:41:43 0:00:04 4:41:39 9287
From left-to-right: % - percentage completed of the whole transfer Total - total size of the whole expected transfer % - percentage completed of the download Received - currently downloaded amount of bytes % - percentage completed of the upload Xferd - currently uploaded amount of bytes Average Speed Dload - the average transfer speed of the download Average Speed Upload - the average transfer speed of the upload Time Total - expected time to complete the operation Time Current - time passed since the invoke Time Left - expected time left to completion Curr.Speed - the average transfer speed the last 5 seconds (the first 5 seconds of a transfer is based on lesstime of course.)
The -# option will display a totallydifferent progress bar that doesn't need much explanation!
SPEEDLIMIT
Curl allows the user to set the transferspeed conditions that must be met to let the transfer keep going. By using theswitch -y and -Y you can make curl abort transfers if the transferspeed is below the specified lowest limit for a specified time.
To have curl abort the download if the speedis slower than 3000 bytes per second for 1 minute, run:
curl -Y 3000 -y 60www.far-away-site.com
This can very well be used in combinationwith the overall time limit, so that the above operation must be completed inwhole within 30 minutes:
curl -m 1800 -Y 3000 -y 60www.far-away-site.com
Forcing curl not to transfer data faster thana given rate is also possible, which might be useful if you're using a limitedbandwidth connection and you don't want your transfer to use all of it(sometimes referred to as "bandwidth throttle").
Make curl transfer data no faster than 10kilobytes per second:
curl --limit-rate 10Kwww.far-away-site.com
or
curl --limit-rate 10240www.far-away-site.com
Or prevent curl from uploading data fasterthan 1 megabyte per second:
When using the --limit-rate option, thetransfer rate is regulated on a per-second basis, which will cause the totaltransfer speed to become lower than the given number. Sometimes of coursesubstantially lower, if your transfer stalls during periods.
CONFIGFILE
Curl automatically tries to read the .curlrcfile (or _curlrc file on win32 systems) from the user's home dir on startup.
The config file could be made up with normalcommand line switches, but you can also specify the long options without thedashes to make it more readable. You can separate the options andthe parameter with spaces, or with = or :. Comments can be used within thefile. If the first letter on a line is a '#'-letter the rest of the line istreated as a comment.
If you want the parameter to contain spaces,you must inclose the entire parameter within double quotes (").Within those quotes, you specify a quote as \".
NOTE: You must specify options and theirarguments on the same line.
Example, set default time out and proxy in aconfig file:
# We want a 30 minute timeout: -m 1800 # ... and we use a proxy for allaccesses: proxy = proxy.our.domain.com:8080
White spaces ARE significant at the end oflines, but all white spaces leading up to the first characters of eachline are ignored.
Prevent curl from reading the default file byusing -q as the first command line parameter, like:
Force curl to get and display a local helppage in case it is invoked without URL by making a config file similarto:
# default url to get url ="http://help.with.curl.com/curlhelp.html"
You can specify another config file to be readby using the -K/--config flag. If you set config file name to"-" it'll read the config from stdin, which can be handy if you want to hideoptions from being visible in process tables etc:
EXTRAHEADERS
When using curl in your own very specialprograms, you may end up needing to pass on your own custom headers whengetting a web page. You can do this by using the -H flag.
Example, send the header "X-you-and-me:yes" to the server when getting a page:
curl -H "X-you-and-me: yes"www.love.com
This can also be useful in case you want curlto send a different text in a header than it normally does. The -H headeryou specify then replaces the header curl would normally send. If youreplace an internal header with an empty one, you prevent that header from beingsent. To prevent the Host: header from being used:
FTP andPATH NAMES
Do note that when getting files with theftp:// URL, the given path is relative the directory you enter. To get thefile 'README' from your home directory at your ftp site, do:
But if you want the README file from the rootdirectory of that very same site, you need to specify the absolute filename:
(I.e with an extra slash in front of the filename.)
FTP andfirewalls
The FTP protocol requires one of the involvedparties to open a second connction as soon as data is about to gettransfered. There are two ways to do this.
The default way for curl is to issue the PASVcommand which causes the server to open another port and await anotherconnection performed by the client. This is good if the client is behinda firewall that don't allow incoming connections.
curl ftp.download.com
If the server for example, is behind afirewall that don't allow connections on other ports than 21 (or if it just doesn'tsupport the PASV command), the other way to do it is to use the PORT commandand instruct the server to connect to the client on the given (asparameters to the PORT command) IP number and port.
The -P flag to curl supports a few differentoptions. Your machine may have several IP-addresses and/or networkinterfaces and curl allows you to select which of them to use. Default address canalso be used:
curl -P - ftp.download.com
Download with PORT but use the IP address ofour 'le0' interface (this does not work on windows):
curl -P le0 ftp.download.com
Download with PORT but use 192.168.0.10 asour IP address to use:
curl -P 192.168.0.10 ftp.download.com
NETWORKINTERFACE
Get a web page from a server using aspecified port for the interface:
or
HTTPS
Secure HTTP requires SSL libraries to be installedand used when curl is built. If that is done, curl is capable ofretrieving and posting documents using the HTTPS protocol.
Example:
Curl is also capable of using your personalcertificates to get/post files from sites that require valid certificates.The only drawback is that the certificate needs to be in PEM-format. PEM isa standard and open format to store certificates with, but it is not usedby the most commonly used browsers (Netscape and MSIE both use the socalled PKCS#12 format). If you want curl to use the certificates you usewith your (favourite) browser, you may need to download/compile a converter thatcan convert your browser's formatted certificates to PEM formatted ones.This kind of converter is included in recent versions of OpenSSL, andfor older versions Dr Stephen N. Henson has written a patch for SSLeay thatadds this functionality. You can get his patch (that requires an SSLeayinstallation) from his site at:
Example on how to automatically retrieve adocument using a certificate with a personal password:
If you neglect to specify the password on thecommand line, you will be prompted for the correct password before anydata can be received.
Many older SSL-servers have problems withSSLv3 or TLS, that newer versions of OpenSSL etc is using, therefore it issometimes useful to specify what SSL-version curl should use. Use -3, -2 or -1to specify that exact SSL version to use (for SSLv3, SSLv2 or TLSv1respectively):
Otherwise, curl will first attempt to use v3and then v2.
To use OpenSSL to convert your favouritebrowser's certificate into a PEM formatted one that curl can use, do somethinglike this (assuming netscape, but IE is likely to work similarly):
Youstart with hitting the 'security' menu button in netscape.
Select 'certificates->yours' and thenpick a certificate in the list
Press the 'export' button
enter your PIN code for the certs
select a proper place to save it
Run the 'openssl' application to convertthe certificate. If you cd to the openssl installation, you can do it like:
# ./apps/openssl pkcs12 -in [file yousaved] -clcerts -out [PEMfile]
RESUMINGFILE TRANSFERS
To continue a file transfer where it waspreviously aborted, curl supports resume on http(s) downloads as well as ftpuploads and downloads.
Continue downloading a document:
Continue uploading a document(*1):
Continue downloading a document from a webserver(*2):
(*1) = This requires that the ftp serversupports the non-standard command SIZE. If it doesn't, curl will say so.
(*2) = This requires that the web serversupports at least HTTP/1.1. If it doesn't, curl will say so.
TIMECONDITIONS
HTTP allows a client to specify a timecondition for the document it requests. It is If-Modified-Since orIf-Unmodified-Since. Curl allow you to specify them with the -z/--time-cond flag.
For example, you can easily make a downloadthat only gets performed if the remote file is newer than a local copy. Itwould be made like:
Or you can download a file only if the localfile is newer than the remote one. Do this by prepending the date stringwith a '-', as in:
You can specify a "free text" dateas condition. Tell curl to only download the file if it was updated since January 12,2012:
curl -z "Jan 12 2012"http://remote.server.com/remote.html
Curl will then accept a wide range of dateformats. You always make the date check the other way around by prepending itwith a dash '-'.
DICT
For fun try
curl dict://dict.org/m:curl curl dict://dict.org/d:heisenbug:jargon curl dict://dict.org/d:daniel:web1913
Aliases for 'm' are 'match' and 'find', andaliases for 'd' are 'define' and 'lookup'. For example,
curl dict://dict.org/find:curl
Commands that break the URL description ofthe RFC (but not the DICT protocol) are
curl dict://dict.org/show:db curl dict://dict.org/show:strat
Authentication is still missing (but this isnot required by the RFC)
LDAP
If you have installed the OpenLDAP library,curl can take advantage of it and offer ldap:// support.
LDAP is a complex thing and writing an LDAPquery is not an easy task. I do advice you to dig up the syntax descriptionfor that elsewhere. Two places that might suit you are:
Netscape's "Netscape Directory SDK 3.0for C Programmer's Guide Chapter 10: Working with LDAP URLs":
RFC 2255, "The LDAP URL Format"http://curl.haxx.se/rfc/rfc2255.txt
To show you an example, this is now I can getall people from my local LDAP server that has a certain sub-domain in theiremail address:
curl -B"ldap://ldap.frontec.se/o=frontec??sub?mail=*sth.frontec.se"
If I want the same info in HTML format, I canget it by not using the -B (enforce ASCII) flag.
ENVIRONMENTVARIABLES
Curl reads and understands the followingenvironment variables:
http_proxy, HTTPS_PROXY, FTP_PROXY
They should be set for protocol-specificproxies. General proxy should be set with
ALL_PROXY
A comma-separated list of host names thatshouldn't go through any proxy is set in (only an asterisk, '*' matches allhosts)
NO_PROXY
If a tail substring of the domain-path for ahost matches one of these strings, transactions with that node will notbe proxied.
The usage of the -x/--proxy flag overridesthe environment variables.
NETRC
Unix introduced the .netrc concept a longtime ago. It is a way for a user to specify name and password for commonlyvisited ftp sites in a file so that you don't have to type them in each timeyou visit those sites. You realize this is a big security risk ifsomeone else gets hold of your passwords, so therefore most unix programswon't read this file unless it is only readable by yourself (curl doesn't carethough).
Curl supports .netrc files if told so (usingthe -n/--netrc and --netrc-optional options). This is notrestricted to only ftp, but curl can use it for all protocols whereauthentication is used.
A very simple .netrc file could looksomething like:
machine curl.haxx.se login iamdanielpassword mysecret
CUSTOMOUTPUT
To better allow script programmers to get toknow about the progress of curl, the -w/--write-out option wasintroduced. Using this, you can specify what information from the previous transferyou want to extract.
To display the amount of bytes downloadedtogether with some text and an ending newline:
KERBEROSFTP TRANSFER
Curl supports kerberos4 and kerberos5/GSSAPIfor FTP transfers. You need the kerberos package installed and used atcurl build time for it to be used.
First, get the krb-ticket the normal way,like with the kinit/kauth tool. Then use curl in way similar to:
There's no use for a password on the -uswitch, but a blank one will make curl ask for one and you already entered thereal password to kinit/kauth.
TELNET
The curl telnet support is basic and veryeasy to use. Curl passes all data passed to it on stdin to the remote server.Connect to a remote telnet server using a command line similar to:
And enter the data to pass to the server onstdin. The result will be sent to stdout or to the file you specify with -o.
You might want the -N/--no-buffer option toswitch off the buffered output for slow connections or similar.
Pass options to the telnet protocol negotiation,by using the -t option. To tell the server we use a vt100 terminal, trysomething like:
Other interesting options for it -t include:
- XDISPLOC=<X display> Sets the Xdisplay location.
- NEW_ENV=<var,val> Sets anenvironment variable.
NOTE: the telnet protocol does not specifyany way to login with a specified user and password so curl can't do thatautomatically. To do that, you need to track when the login prompt is receivedand send the username and password accordingly.
PERSISTENTCONNECTIONS
Specifying multiple files on a single commandline will make curl transfer all of them, one after the other in thespecified order.
libcurl will attempt to use persistentconnections for the transfers so that the second transfer to the same host can usethe same connection that was already initiated and was left open in theprevious transfer. This greatly decreases connection time for all but thefirst transfer and it makes a far better use of the network.
Note that curl cannot use persistentconnections for transfers that are used in subsequence curl invokes. Try to stuff asmany URLs as possible on the same command line if they are using the samehost, as that'll make the transfers faster. If you use a http proxy forfile transfers, practically all transfers will be persistent.
MULTIPLETRANSFERS WITH A SINGLE COMMAND LINE
As is mentioned above, you can downloadmultiple files with one command line by simply adding more URLs. If you want thoseto get saved to a local file instead of just printed to stdout, you needto add one save option for each URL you specify. Note that this also goes forthe -O option.
For example: get two files and use -O for thefirst and a custom file name for the second:
You can also upload multiple files in asimilar fashion:
MAILINGLISTS
For your convenience, we have several openmailing lists to discuss curl, its development and things relevant to this.Get all info at
curl-users
Users of the command line tool. How to useit, what doesn't work, new features, related tools, questions, news,installations, compilations, running, porting etc.
curl-library
Developers using or developing libcurl.Bugs, extensions, improvements.
curl-announce
Low-traffic. Only receives announcements ofnew public versions. At worst, that makes something like one or two mailsper month, but usually only one mail every second month.
curl-and-php
Using the curl functions in PHP. Everythingcurl with a PHP angle. Or PHP with a curl angle.
curl-and-python
Python hackers using curl with or withoutthe python binding pycurl.
Please direct curl questions, featurerequests and trouble reports to one of these mailing lists instead of mailing anyindividual.
| 
发表于 2022-9-16 11:55:41
